| blob | 5a65aa27b6ae35c0a05a7319a872870ed574e7f2 |
3 ///////////////////////////////////////////////////////////////////////////
4 // //
5 // NOTICE OF COPYRIGHT //
6 // //
7 // Moodle - Modular Object-Oriented Dynamic Learning Environment //
8 // http://moodle.org //
9 // //
10 // Copyright (C) 1999-2004 Martin Dougiamas http://dougiamas.com //
11 // //
12 // This program is free software; you can redistribute it and/or modify //
13 // it under the terms of the GNU General Public License as published by //
14 // the Free Software Foundation; either version 2 of the License, or //
15 // (at your option) any later version. //
16 // //
17 // This program is distributed in the hope that it will be useful, //
18 // but WITHOUT ANY WARRANTY; without even the implied warranty of //
19 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
20 // GNU General Public License for more details: //
21 // //
22 // http://www.gnu.org/copyleft/gpl.html //
23 // //
24 ///////////////////////////////////////////////////////////////////////////
26 /**
27 * moodlelib.php - Moodle main library
28 *
29 * Main library file of miscellaneous general-purpose Moodle functions.
30 * Other main libraries:
31 * - weblib.php - functions that produce web output
32 * - datalib.php - functions that access the database
33 * @author Martin Dougiamas
34 * @version $Id$
35 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
36 * @package moodlecore
37 */
39 /// CONSTANTS (Encased in phpdoc proper comments)/////////////////////////
41 /**
42 * Used by some scripts to check they are being called by Moodle
43 */
46 /// Date and time constants ///
47 /**
48 * Time constant - the number of seconds in a year
49 */
53 /**
54 * Time constant - the number of seconds in a week
55 */
58 /**
59 * Time constant - the number of seconds in a day
60 */
63 /**
64 * Time constant - the number of seconds in an hour
65 */
68 /**
69 * Time constant - the number of seconds in a minute
70 */
73 /**
74 * Time constant - the number of minutes in a day
75 */
78 /**
79 * Time constant - the number of minutes in an hour
80 */
83 /// Parameter constants - every call to optional_param(), required_param() ///
84 /// or clean_param() should have a specified type of parameter. //////////////
86 /**
87 * PARAM_RAW specifies a parameter that is not cleaned/processed in any way;
88 * originally was 0, but changed because we need to detect unknown
89 * parameter types and swiched order in clean_param().
90 */
93 /**
94 * PARAM_CLEAN - obsoleted, please try to use more specific type of parameter.
95 * It was one of the first types, that is why it is abused so much ;-)
96 */
99 /**
100 * PARAM_INT - integers only, use when expecting only numbers.
101 */
104 /**
105 * PARAM_INTEGER - an alias for PARAM_INT
106 */
109 /**
110 * PARAM_NUMBER - a real/floating point number.
111 */
114 /**
115 * PARAM_ALPHA - contains only english letters.
116 */
119 /**
120 * PARAM_ACTION - an alias for PARAM_ALPHA, use for various actions in formas and urls
121 * @TODO: should we alias it to PARAM_ALPHANUM ?
122 */
125 /**
126 * PARAM_FORMAT - an alias for PARAM_ALPHA, use for names of plugins, formats, etc.
127 * @TODO: should we alias it to PARAM_ALPHANUM ?
128 */
131 /**
132 * PARAM_NOTAGS - all html tags are stripped from the text. Do not abuse this type.
133 */
136 /**
137 * PARAM_MULTILANG - alias of PARAM_TEXT.
138 */
141 /**
142 * PARAM_TEXT - general plain text compatible with multilang filter, no other html tags.
143 */
146 /**
147 * PARAM_FILE - safe file name, all dangerous chars are stripped, protects against XSS, SQL injections and directory traversals
148 */
151 /**
152 * PARAM_TAG - one tag (interests, blogs, etc.) - mostly international alphanumeric with spaces
153 */
156 /**
157 * PARAM_TAGLIST - list of tags separated by commas (interests, blogs, etc.)
158 */
161 /**
162 * PARAM_PATH - safe relative path name, all dangerous chars are stripped, protects against XSS, SQL injections and directory traversals
163 * note: the leading slash is not removed, window drive letter is not allowed
164 */
167 /**
168 * PARAM_HOST - expected fully qualified domain name (FQDN) or an IPv4 dotted quad (IP address)
169 */
172 /**
173 * PARAM_URL - expected properly formatted URL. Please note that domain part is required, http://localhost/ is not acceppted but http://localhost.localdomain/ is ok.
174 */
177 /**
178 * PARAM_LOCALURL - expected properly formatted URL as well as one that refers to the local server itself. (NOT orthogonal to the others! Implies PARAM_URL!)
179 */
182 /**
183 * PARAM_CLEANFILE - safe file name, all dangerous and regional chars are removed,
184 * use when you want to store a new file submitted by students
185 */
188 /**
189 * PARAM_ALPHANUM - expected numbers and letters only.
190 */
193 /**
194 * PARAM_BOOL - converts input into 0 or 1, use for switches in forms and urls.
195 */
198 /**
199 * PARAM_CLEANHTML - cleans submitted HTML code and removes slashes
200 * note: do not forget to addslashes() before storing into database!
201 */
204 /**
205 * PARAM_ALPHAEXT the same contents as PARAM_ALPHA plus the chars in quotes: "/-_" allowed,
206 * suitable for include() and require()
207 * @TODO: should we rename this function to PARAM_SAFEDIRS??
208 */
211 /**
212 * PARAM_SAFEDIR - safe directory name, suitable for include() and require()
213 */
216 /**
217 * PARAM_SEQUENCE - expects a sequence of numbers like 8 to 1,5,6,4,6,8,9. Numbers and comma only.
218 */
221 /**
222 * PARAM_PEM - Privacy Enhanced Mail format
223 */
226 /**
227 * PARAM_BASE64 - Base 64 encoded format
228 */
232 /// Page types ///
233 /**
234 * PAGE_COURSE_VIEW is a definition of a page type. For more information on the page class see moodle/lib/pagelib.php.
235 */
238 /// Debug levels ///
239 /** no warnings at all */
241 /** E_ERROR | E_PARSE */
243 /** E_ERROR | E_PARSE | E_WARNING | E_NOTICE */
245 /** E_ALL without E_STRICT and E_RECOVERABLE_ERROR for now */
247 /** DEBUG_ALL with extra Moodle debug messages - (DEBUG_ALL | 32768) */
250 /**
251 * Blog access level constant declaration
252 */
259 /**
260 * Tag constanst
261 */
266 /// PARAMETER HANDLING ////////////////////////////////////////////////////
268 /**
269 * Returns a particular value for the named variable, taken from
270 * POST or GET. If the parameter doesn't exist then an error is
271 * thrown because we require this variable.
272 *
273 * This function should be used to initialise all required values
274 * in a script that are based on parameters. Usually it will be
275 * used like this:
276 * $id = required_param('id');
277 *
278 * @param string $parname the name of the page parameter we want
279 * @param int $type expected type of parameter
280 * @return mixed
281 */
284 // detect_unchecked_vars addition
289 }
297 }
300 }
302 /**
303 * Returns a particular value for the named variable, taken from
304 * POST or GET, otherwise returning a given default.
305 *
306 * This function should be used to initialise all optional values
307 * in a script that are based on parameters. Usually it will be
308 * used like this:
309 * $name = optional_param('name', 'Fred');
310 *
311 * @param string $parname the name of the page parameter we want
312 * @param mixed $default the default value to return if nothing is found
313 * @param int $type expected type of parameter
314 * @return mixed
315 */
318 // detect_unchecked_vars addition
323 }
331 }
334 }
336 /**
337 * Used by {@link optional_param()} and {@link required_param()} to
338 * clean the variables and/or cast to specific types, based on
339 * an options field.
340 * <code>
341 * $course->format = clean_param($course->format, PARAM_ALPHA);
342 * $selectedgrade_item = clean_param($selectedgrade_item, PARAM_CLEAN);
343 * </code>
344 *
345 * @uses $CFG
346 * @uses PARAM_CLEAN
347 * @uses PARAM_INT
348 * @uses PARAM_INTEGER
349 * @uses PARAM_ALPHA
350 * @uses PARAM_ALPHANUM
351 * @uses PARAM_NOTAGS
352 * @uses PARAM_ALPHAEXT
353 * @uses PARAM_BOOL
354 * @uses PARAM_SAFEDIR
355 * @uses PARAM_CLEANFILE
356 * @uses PARAM_FILE
357 * @uses PARAM_PATH
358 * @uses PARAM_HOST
359 * @uses PARAM_URL
360 * @uses PARAM_LOCALURL
361 * @uses PARAM_CLEANHTML
362 * @uses PARAM_SEQUENCE
363 * @param mixed $param the variable we are cleaning
364 * @param int $type expected format of param after cleaning.
365 * @return mixed
366 */
375 }
377 }
386 }
422 }
442 }
456 // match ipv4 dotted quad
458 // confirm values are ok
463 // hmmm, what kind of dotted quad is this?
465 }
469 ) {
470 // all is ok - $param is respected
472 // all is not ok...
474 }
480 // all is ok, param is respected
483 }
490 // root-relative, ok!
492 // absolute, and matches our wwwroot
494 // relative - let's make sure there are no tricks
496 // looks ok.
499 }
500 }
501 }
506 // PEM formatted strings may contain letters/numbers and the symbols
507 // forward slash: /
508 // plus sign: +
509 // equal sign: =
510 // , surrounded by BEGIN and END CERTIFICATE prefix and suffixes
511 if (preg_match('/^-----BEGIN CERTIFICATE-----([\s\w\/\+=]+)-----END CERTIFICATE-----$/', trim($param), $matches)) {
519 }
520 }
525 // PEM formatted strings may contain letters/numbers and the symbols
526 // forward slash: /
527 // plus sign: +
528 // equal sign: =
531 }
533 // Each line of base64 encoded data must be 64 characters in
534 // length, except for the last line which may be less than (or
535 // equal to) 64 characters long.
540 }
542 }
546 }
547 }
551 }
554 //first fix whitespace
556 //remove blacklisted ASCII ranges of chars - security FIRST - keep only ascii letters, numnbers and spaces
557 //the result should be safe to be used directly in html and SQL
558 $param = preg_replace("/[\\000-\\x1f\\x21-\\x2f\\x3a-\\x40\\x5b-\\x60\\x7b-\\x7f]/", '', $param);
559 //now remove some unicode ranges we do not want
561 //cleanup the spaces
566 //numeric tags not allowed
576 }
577 }
582 }
586 }
587 }
591 /**
592 * Set a key in global configuration
593 *
594 * Set a key/value pair in both this session's {@link $CFG} global variable
595 * and in the 'config' database table for future sessions.
596 *
597 * Can also be used to update keys for plugin-scoped configs in config_plugin table.
598 * In that case it doesn't affect $CFG.
599 *
600 * @param string $name the key to set
601 * @param string $value the value to set (without magic quotes)
602 * @param string $plugin (optional) the plugin scope
603 * @uses $CFG
604 * @return bool
605 */
607 /// No need for get_config because they are usually always available in $CFG
621 }
631 }
632 }
633 }
635 /**
636 * Get configuration values from the global config table
637 * or the config_plugins table.
638 *
639 * If called with no parameters it will do the right thing
640 * generating $CFG safely from the database without overwriting
641 * existing values.
642 *
643 * If called with 2 parameters it will return a $string single
644 * value or false of the value is not found.
645 *
646 * @param string $plugin
647 * @param string $name
648 * @uses $CFG
649 * @return hash-like object or single value
650 *
651 */
661 }
662 }
664 // the user is after a recordset
671 }
675 }
677 // this was originally in setup.php
685 // complain if the DB has a different
686 // value than config.php does
687 error_log("\$CFG->{$config->name} in config.php ({$localcfg[$config->name]}) overrides database setting ({$config->value})");
688 }
689 }
690 }
695 // preserve $CFG if DB returns nothing or error
697 }
699 }
700 }
702 /**
703 * Removes a key from global configuration
704 *
705 * @param string $name the key to set
706 * @param string $plugin (optional) the plugin scope
707 * @uses $CFG
708 * @return bool
709 */
720 }
721 }
724 /**
725 * Refresh current $USER session global variable with all their current preferences.
726 * @uses $USER
727 */
732 //reset preference
736 // no pernament storage for not-logged-in user and guest
741 }
742 }
745 }
747 /**
748 * Sets a preference for the current user
749 * Optionally, can set a preference for a different user object
750 * @uses $USER
751 * @todo Add a better description and include usage examples. Add inline links to $USER and user functions in above line.
753 * @param string $name The key to set as preference for the specified user
754 * @param string $value The value to set forthe $name key in the specified user's record
755 * @param int $otheruserid A moodle user ID
756 * @return bool
757 */
764 }
768 }
775 }
780 }
782 }
786 // no pernament storage for not-logged-in user and guest
788 } else if ($preference = get_record('user_preferences', 'userid', $userid, 'name', addslashes($name))) {
791 }
792 if (!set_field('user_preferences', 'value', addslashes((string)$value), 'id', $preference->id)) {
794 }
803 }
804 }
806 // update value in USER session if needed
809 }
812 }
814 /**
815 * Unsets a preference completely by deleting it from the database
816 * Optionally, can set a preference for a different user id
817 * @uses $USER
818 * @param string $name The key to unset as preference for the specified user
819 * @param int $otheruserid A moodle user ID
820 */
827 }
833 }
835 //Delete the preference from $USER if needed
838 }
840 //Then from DB
842 }
845 /**
846 * Sets a whole array of preferences for the current user
847 * @param array $prefarray An array of key/value pairs to be set
848 * @param int $otheruserid A moodle user ID
849 * @return bool
850 */
855 }
859 // The order is important; test for return is done first
861 }
863 }
865 /**
866 * If no arguments are supplied this function will return
867 * all of the current user preferences as an array.
868 * If a name is specified then this function
869 * attempts to return that particular preference value. If
870 * none is found, then the optional value $default is returned,
871 * otherwise NULL.
872 * @param string $name Name of the key to use in finding a preference value
873 * @param string $default Value to be returned if the $name key is not set in the user preferences
874 * @param int $otheruserid A moodle user ID
875 * @uses $USER
876 * @return string
877 */
883 }
889 }
899 }
900 }
901 }
911 }
912 }
915 /// FUNCTIONS FOR HANDLING TIME ////////////////////////////////////////////
917 /**
918 * Given date parts in user time produce a GMT timestamp.
919 *
920 * @param int $year The year part to create timestamp of
921 * @param int $month The month part to create timestamp of
922 * @param int $day The day part to create timestamp of
923 * @param int $hour The hour part to create timestamp of
924 * @param int $minute The minute part to create timestamp of
925 * @param int $second The second part to create timestamp of
926 * @param float $timezone ?
927 * @param bool $applydst ?
928 * @return int timestamp
929 * @todo Finish documenting this function
930 */
931 function make_timestamp($year, $month=1, $day=1, $hour=0, $minute=0, $second=0, $timezone=99, $applydst=true) {
942 }
943 }
947 }
949 /**
950 * Given an amount of time in seconds, returns string
951 * formatted nicely as weeks, days, hours etc as needed
952 *
953 * @uses MINSECS
954 * @uses HOURSECS
955 * @uses DAYSECS
956 * @uses YEARSECS
957 * @param int $totalsecs ?
958 * @param array $str ?
959 * @return string
960 */
976 }
1012 }
1014 /**
1015 * Returns a formatted string that represents a date in user time
1016 * <b>WARNING: note that the format is for strftime(), not date().</b>
1017 * Because of a bug in most Windows time libraries, we can't use
1018 * the nicer %e, so we have to use %d which has leading zeroes.
1019 * A lot of the fuss in the function is just getting rid of these leading
1020 * zeroes as efficiently as possible.
1021 *
1022 * If parameter fixday = true (default), then take off leading
1023 * zero from %d, else mantain it.
1024 *
1025 * @uses HOURSECS
1026 * @param int $date timestamp in GMT
1027 * @param string $format strftime format
1028 * @param float $timezone
1029 * @param bool $fixday If true (default) then the leading
1030 * zero from %d is removed. If false then the leading zero is mantained.
1031 * @return string
1032 */
1039 }
1046 }
1059 }
1068 }
1069 }
1071 /// If we are running under Windows convert from windows encoding to UTF-8
1072 /// (because it's impossible to specify UTF-8 to fetch locale info in Win32)
1078 }
1079 }
1082 }
1084 /**
1085 * Given a $time timestamp in GMT (seconds since epoch),
1086 * returns an array that represents the date in user time
1087 *
1088 * @uses HOURSECS
1089 * @param int $time Timestamp in GMT
1090 * @param float $timezone ?
1091 * @return array An array that represents the date in user time
1092 * @todo Finish documenting this function
1093 */
1100 }
1102 // There is no gmgetdate so we use gmdate instead
1122 }
1124 /**
1125 * Given a GMT timestamp (seconds since epoch), offsets it by
1126 * the timezone. eg 3pm in India is 3pm GMT - 7 * 3600 seconds
1127 *
1128 * @uses HOURSECS
1129 * @param int $date Timestamp in GMT
1130 * @param float $timezone
1131 * @return int
1132 */
1139 }
1141 }
1143 /**
1144 * Given a time, return the GMT timestamp of the most recent midnight
1145 * for the current user.
1146 *
1147 * @param int $date Timestamp in GMT
1148 * @param float $timezone ?
1149 * @return ?
1150 */
1156 // Time of midnight of this user's day, in GMT
1157 return make_timestamp($userdate['year'], $userdate['mon'], $userdate['mday'], 0, 0, 0, $timezone);
1159 }
1161 /**
1162 * Returns a string that prints the user's timezone
1163 *
1164 * @param float $timezone The user's timezone
1165 * @return string
1166 */
1173 }
1177 }
1180 // Don't show .0 for whole hours
1182 }
1186 }
1189 }
1192 }
1194 }
1196 /**
1197 * Returns a float which represents the user's timezone difference from GMT in hours
1198 * Checks various settings and picks the most dominant of those which have a value
1199 *
1200 * @uses $CFG
1201 * @uses $USER
1202 * @param float $tz If this value is provided and not equal to 99, it will be returned as is and no other settings will be checked
1203 * @return int
1204 */
1217 }
1219 }
1220 }
1222 /**
1223 * Returns a float or a string which denotes the user's timezone
1224 * A float value means that a simple offset from GMT is used, while a string (it will be the name of a timezone in the database)
1225 * means that for this timezone there are also DST rules to be taken into account
1226 * Checks various settings and picks the most dominant of those which have a value
1227 *
1228 * @uses $USER
1229 * @uses $CFG
1230 * @param float $tz If this value is provided and not equal to 99, it will be returned as is and no other settings will be checked
1231 * @return mixed
1232 */
1241 );
1247 }
1250 }
1252 /**
1253 * ?
1254 *
1255 * @uses $CFG
1256 * @uses $db
1257 * @param string $timezonename ?
1258 * @return object
1259 */
1266 }
1270 }
1274 }
1276 /**
1277 * ?
1278 *
1279 * @uses $CFG
1280 * @uses $USER
1281 * @param ? $fromyear ?
1282 * @param ? $to_year ?
1283 * @return bool
1284 */
1291 // Trivial timezone, no DST
1293 }
1296 // We have precalculated values, but the user's effective TZ has changed in the meantime, so reset
1299 }
1302 // Repeat calls which do not request specific year ranges stop here, we have already calculated the table
1303 // This will be the return path most of the time, pretty light computationally
1305 }
1307 // Reaching here means we either need to extend our table or create it from scratch
1309 // Remember which TZ we calculated these changes for
1313 // If we 're creating from scratch, put the two guard elements in there
1315 }
1317 // If creating from scratch
1321 // Fill in the array with the extra years we need to process
1325 }
1327 // Take note of which years we have processed for future calls
1329 }
1331 // If needing to extend the table, do the same
1338 // Take note of which years we need to process and then note that we have processed them for future calls
1341 }
1343 }
1345 // Take note of which years we need to process and then note that we have processed them for future calls
1348 }
1350 }
1351 }
1354 // This means that there was a call requesting a SMALLER range than we have already calculated
1356 }
1358 // From now on, we know that the array has at least the two guard elements, and $yearstoprocess has the years we need
1359 // Also, the array is sorted in descending timestamp order!
1361 // Get DB data
1362 $presetrecords = get_records('timezone', 'name', $usertz, 'year DESC', 'year, gmtoff, dstoff, dst_month, dst_startday, dst_weekday, dst_skipweeks, dst_time, std_month, std_startday, std_weekday, std_skipweeks, std_time');
1365 }
1367 // Remove ending guard (first element of the array)
1371 // Add all required change timestamps
1373 // Find the record which is in effect for the year $y
1377 }
1378 }
1384 }
1387 }
1390 }
1391 }
1393 // Put in a guard element at the top
1395 $SESSION->dst_offsets[($maxtimestamp + DAYSECS)] = NULL; // DAYSECS is arbitrary, any "small" number will do
1397 // Sort again
1401 }
1405 if($timezone->dst_startday == 0 && $timezone->dst_weekday == 0 && $timezone->std_startday == 0 && $timezone->std_weekday == 0) {
1407 }
1409 $monthdaydst = find_day_in_month($timezone->dst_startday, $timezone->dst_weekday, $timezone->dst_month, $year);
1410 $monthdaystd = find_day_in_month($timezone->std_startday, $timezone->std_weekday, $timezone->std_month, $year);
1418 // Instead of putting hour and minute in make_timestamp(), we add them afterwards.
1419 // This has the advantage of being able to have negative values for hour, i.e. for timezones
1420 // where GMT time would be in the PREVIOUS day than the local one on which DST changes.
1426 }
1428 // $time must NOT be compensated at all, it has to be a pure timestamp
1434 }
1440 }
1441 }
1443 // This is the normal return path
1446 }
1448 // Reaching this point means we haven't calculated far enough, do it now:
1449 // Calculate extra DST changes if needed and recurse. The recursion always
1450 // moves toward the stopping condition, so will always end.
1453 // We need a year smaller than $SESSION->dst_range[0]
1456 }
1459 }
1461 // We need a year larger than $SESSION->dst_range[1]
1464 }
1467 }
1468 }
1475 // Don't care about weekday, so return:
1476 // abs($startday) if $startday != -1
1477 // $daysinmonth otherwise
1479 }
1481 // From now on we 're looking for a specific weekday
1483 // Give "end of month" its actual value, since we know it
1486 }
1488 // Starting from day $startday, the sign is the direction
1495 // This is the last such weekday of the month
1499 }
1501 // Find the first such weekday <= $startday
1504 }
1508 }
1516 }
1518 // This is the first such weekday of the month equal to or after $startday
1523 }
1524 }
1526 /**
1527 * Calculate the number of days in a given month
1528 *
1529 * @param int $month The month whose day count is sought
1530 * @param int $year The year of the month whose day count is sought
1531 * @return int
1532 */
1535 }
1537 /**
1538 * Calculate the position in the week of a specific calendar day
1539 *
1540 * @param int $day The day of the date whose position in the week is sought
1541 * @param int $month The month of the date whose position in the week is sought
1542 * @param int $year The year of the date whose position in the week is sought
1543 * @return int
1544 */
1546 // I wonder if this is any different from
1547 // strftime('%w', mktime(12, 0, 0, $month, $daysinmonth, $year, 0));
1549 }
1551 /// USER AUTHENTICATION AND LOGIN ////////////////////////////////////////
1553 /**
1554 * Makes sure that $USER->sesskey exists, if $USER itself exists. It sets a new sesskey
1555 * if one does not already exist, but does not overwrite existing sesskeys. Returns the
1556 * sesskey string if $USER exists, or boolean false if not.
1557 *
1558 * @uses $USER
1559 * @return string
1560 */
1566 }
1570 }
1573 }
1576 /**
1577 * For security purposes, this function will check that the currently
1578 * given sesskey (passed as a parameter to the script or this function)
1579 * matches that of the current user.
1580 *
1581 * @param string $sesskey optionally provided sesskey
1582 * @return bool
1583 */
1589 }
1593 }
1597 }
1600 }
1602 /**
1603 * Setup all global $CFG course variables, set locale and also themes
1604 * This function can be used on pages that do not require login instead of require_login()
1605 *
1606 * @param mixed $courseorid id of the course or course object
1607 */
1611 /// Redefine global $COURSE if needed
1613 // no change in global $COURSE - for backwards compatibiltiy
1614 // if require_rogin() used after require_login($courseid);
1626 }
1627 }
1628 }
1630 /// set locale and themes
1634 }
1636 /**
1637 * This function checks that the current user is logged in and has the
1638 * required privileges
1639 *
1640 * This function checks that the current user is logged in, and optionally
1641 * whether they are allowed to be in a particular course and view a particular
1642 * course module.
1643 * If they are not logged in, then it redirects them to the site login unless
1644 * $autologinguest is set and {@link $CFG}->autologinguests is set to 1 in which
1645 * case they are automatically logged in as guests.
1646 * If $courseid is given and the user is not enrolled in that course then the
1647 * user is redirected to the course enrolment page.
1648 * If $cm is given and the coursemodule is hidden and the user is not a teacher
1649 * in the course then the user is redirected to the course home page.
1650 *
1651 * @uses $CFG
1652 * @uses $SESSION
1653 * @uses $USER
1654 * @uses $FULLME
1655 * @uses SITEID
1656 * @uses $COURSE
1657 * @param mixed $courseorid id of the course or course object
1658 * @param bool $autologinguest
1659 * @param object $cm course module object
1660 */
1665 /// setup global $COURSE, themes, language and locale
1668 /// If the user is not even logged in yet then make sure they are
1670 //NOTE: $USER->site check was obsoleted by session test cookie,
1671 // $USER->confirmed test is in login/index.php
1675 }
1676 if ($autologinguest and !empty($CFG->guestloginbutton) and !empty($CFG->autologinguests) and ($COURSE->id == SITEID or $COURSE->guest) ) {
1680 }
1686 }
1688 }
1690 /// loginas as redirection if needed
1694 print_error('loginasonecourse', '', $CFG->wwwroot.'/course/view.php?id='.$USER->loginascontext->instanceid);
1695 }
1696 }
1697 }
1700 /// check whether the user should be changing password (but only if it is REALLY them)
1706 //use plugin custom url
1709 //use moodle internal method
1715 }
1716 }
1719 }
1720 }
1722 /// Check that the user account is properly set up
1726 }
1728 /// Make sure current IP matches the one for this session (if required)
1732 }
1733 }
1735 /// Make sure the USER has a sesskey set up. Used for checking script parameters.
1738 // Check that the user has agreed to a site policy if there is one
1743 }
1744 }
1746 // Fetch the system context, we are going to use it a lot.
1749 /// If the site is currently under maintenance, then print a message
1754 }
1755 }
1757 /// groupmembersonly access control
1758 if (!empty($CFG->enablegroupings) and $cm and $cm->groupmembersonly and !has_capability('moodle/site:accessallgroups', get_context_instance(CONTEXT_MODULE, $cm->id))) {
1760 error(get_string('groupmembersonlyerror', 'group'), $CFG->wwwroot.'/course/view.php?id='.$cm->course);
1761 }
1762 }
1764 // Fetch the course context, and prefetch its child contexts
1768 }
1769 }
1771 /// Eliminate hidden site activities straight away
1775 }
1780 /// Check if the user can be in a particular course
1782 //
1783 // Spaghetti logic construct
1784 //
1785 // - able to view course?
1786 // - able to view category?
1787 // => if either is missing, course is hidden from this user
1788 //
1789 // It's carefully ordered so we run the cheap checks first, and the
1790 // more costly checks last...
1791 //
1792 if (! (($COURSE->visible || has_capability('moodle/course:viewhiddencourses', $COURSE->context))
1798 }
1799 }
1801 /// Non-guests who don't currently have access, check if they can be allowed in as a guest
1805 // Temporarily assign them guest role for this context, if it fails later user is asked to enrol
1807 }
1808 }
1810 /// If the user is a guest then treat them according to the course policy about guests
1818 notice(get_string('guestsnotallowed', '', format_string($COURSE->fullname)), "$CFG->wwwroot/login/index.php");
1819 }
1823 }
1832 }
1833 // otherwise drop through to logic below (--> enrol.php)
1839 build_navigation(array(array('name' => $strloggedinasguest, 'link' => null, 'type' => 'misc'))));
1841 notice(get_string('guestsnotallowed', '', format_string($COURSE->fullname)), "$CFG->wwwroot/login/index.php");
1847 }
1849 }
1851 /// For non-guests, check if they have course view access
1858 }
1859 }
1861 /// Make sure they can read this activity too, if specified
1863 if (!empty($cm) and !$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $COURSE->context)) {
1864 redirect($CFG->wwwroot.'/course/view.php?id='.$cm->course, get_string('activityiscurrentlyhidden'));
1865 }
1868 }
1871 /// Currently not enrolled in the course, so see if they want to enrol
1875 }
1876 }
1880 /**
1881 * This function just makes sure a user is logged out.
1882 *
1883 * @uses $CFG
1884 * @uses $USER
1885 */
1891 add_to_log(SITEID, "user", "logout", "view.php?id=$USER->id&course=".SITEID, $USER->id, 0, $USER->id);
1897 }
1898 }
1901 // This method is just to try to avoid silly warnings from PHP 4.3.0
1904 }
1906 // Initialize variable to pass-by-reference to headers_sent(&$file, &$line)
1912 setcookie('MoodleSessionTest'.$CFG->sessioncookie, '', time() - 3600, $CFG->sessioncookiepath);
1913 }
1921 }
1923 /**
1924 * This is a weaker version of {@link require_login()} which only requires login
1925 * when called from within a course rather than the site page, unless
1926 * the forcelogin option is turned on.
1927 *
1928 * @uses $CFG
1929 * @param mixed $courseorid The course object or id in question
1930 * @param bool $autologinguest Allow autologin guests if that is wanted
1931 * @param object $cm Course activity module if known
1932 */
1936 // login required for both SITE and courses
1940 // always login for hidden activities
1945 //login for SITE not required
1949 // course login always required
1951 }
1952 }
1954 /**
1955 * Require key login. Function terminates with error if key not found or incorrect.
1956 * @param string $script unique script identifier
1957 * @param int $instance optional instance id
1958 */
1964 }
1966 /// extra safety
1967 @session_write_close();
1971 if (!$key = get_record('user_private_key', 'script', $script, 'value', $keyvalue, 'instance', $instance)) {
1973 }
1977 }
1983 }
1984 }
1988 }
1990 /// emulate normal session
1994 /// note we are not using normal login
1997 }
2001 /// return isntance id - it might be empty
2003 }
2005 /**
2006 * Creates a new private user access key.
2007 * @param string $script unique target identifier
2008 * @param int $userid
2009 * @param instance $int optional instance id
2010 * @param string $iprestriction optional ip restricted access
2011 * @param timestamp $validuntil key valid only until given data
2012 * @return string access key value
2013 */
2014 function create_user_key($script, $userid, $instance=null, $iprestriction=null, $validuntil=null) {
2025 // must be unique
2027 }
2031 }
2034 }
2036 /**
2037 * Modify the user table by setting the currently logged in user's
2038 * last login to now.
2039 *
2040 * @uses $USER
2041 * @return bool
2042 */
2053 }
2055 /**
2056 * Determines if a user has completed setting up their account.
2057 *
2058 * @param user $user A {@link $USER} object to test for the existance of a valid name and email
2059 * @return bool
2060 */
2062 return ($user->username != 'guest' and (empty($user->firstname) or empty($user->lastname) or empty($user->email) or over_bounce_threshold($user)));
2063 }
2071 }
2072 // set sensible defaults
2075 }
2078 }
2083 }
2086 }
2088 }
2090 /**
2091 * @param $user - object containing an id
2092 * @param $reset - will reset the count to 0
2093 */
2098 }
2100 // make a new one
2105 }
2106 }
2108 /**
2109 * @param $user - object containing an id
2110 * @param $reset - will reset the count to 0
2111 */
2116 }
2118 // make a new one
2123 }
2124 }
2126 /**
2127 * Keeps track of login attempts
2128 *
2129 * @uses $SESSION
2130 */
2141 }
2146 }
2147 }
2149 /**
2150 * Resets login attempts
2151 *
2152 * @uses $SESSION
2153 */
2158 }
2166 }
2170 }
2171 }
2173 /**
2174 * Goes through all enrolment records for the courses inside the metacourse and sync with them.
2175 *
2176 * @param mixed $course the metacourse to synch. Either the course object itself, or the courseid.
2177 */
2181 // Check the course is valid.
2185 }
2186 }
2188 // Check that we actually have a metacourse.
2191 }
2193 // Get a list of roles that should not be synced.
2198 }
2200 // Get the context of the metacourse.
2201 $context = get_context_instance(CONTEXT_COURSE, $course->id); // SITEID can not be a metacourse
2203 // We do not ever want to unassign the list of metacourse manager, so get a list of them.
2208 }
2210 // Get assignments of a user to a role that exist in a child course, but
2211 // not in the meta coure. That is, get a list of the assignments that need to be made.
2213 SELECT
2214 ra.id, ra.roleid, ra.userid
2215 FROM
2219 WHERE
2220 ra.contextid = con.id AND
2222 con.instanceid = cm.child_course AND
2224 $roleexclusions
2225 NOT EXISTS (
2226 SELECT 1 FROM
2228 WHERE
2229 ra2.userid = ra.userid AND
2230 ra2.roleid = ra.roleid AND
2232 )
2235 }
2237 // Get assignments of a user to a role that exist in the meta course, but
2238 // not in any child courses. That is, get a list of the unassignments that need to be made.
2240 SELECT
2241 ra.id, ra.roleid, ra.userid
2242 FROM
2244 WHERE
2246 $roleexclusions
2247 NOT EXISTS (
2248 SELECT 1 FROM
2252 WHERE
2253 ra2.userid = ra.userid AND
2254 ra2.roleid = ra.roleid AND
2255 ra2.contextid = con2.id AND
2257 con2.instanceid = cm.child_course AND
2259 )
2262 }
2266 // Make the unassignments, if they are not managers.
2270 $success = role_unassign($unassignment->roleid, $unassignment->userid, 0, $context->id) && $success;
2272 }
2273 }
2275 // Make the assignments.
2279 }
2281 // force accessinfo refresh for users visiting this context...
2283 }
2287 // TODO: finish timeend and timestart
2288 // maybe we could rely on cron job to do the cleaning from time to time
2289 }
2291 /**
2292 * Adds a record to the metacourse table and calls sync_metacoures
2293 */
2298 }
2302 }
2304 if (!$record = get_record("course_meta","parent_course",$metacourseid,"child_course",$courseid)) {
2310 }
2312 }
2315 }
2317 /**
2318 * Removes the record from the metacourse table and calls sync_metacourse
2319 */
2324 }
2326 }
2329 /**
2330 * Determines if a user is currently logged in
2331 *
2332 * @uses $USER
2333 * @return bool
2334 */
2339 }
2341 /**
2342 * Determines if a user is logged in as real guest user with username 'guest'.
2343 * This function is similar to original isguest() in 1.6 and earlier.
2344 * Current isguest() is deprecated - do not use it anymore.
2345 *
2346 * @param $user mixed user object or id, $USER if not specified
2347 * @return bool true if user is the real guest user, false if not logged in or other user
2348 */
2355 }
2359 }
2362 }
2364 /**
2365 * Determines if the currently logged in user is in editing mode.
2366 * Note: originally this function had $userid parameter - it was not usable anyway
2367 *
2368 * @uses $USER, $PAGE
2369 * @return bool
2370 */
2378 }
2380 }
2382 /**
2383 * Determines if the logged in user is currently moving an activity
2384 *
2385 * @uses $USER
2386 * @param int $courseid The id of the course being tested
2387 * @return bool
2388 */
2394 }
2396 }
2398 /**
2399 * Given an object containing firstname and lastname
2400 * values, this function returns a string with the
2401 * full name of the person.
2402 * The result may depend on system settings
2403 * or language. 'override' will force both names
2404 * to be used even if system settings specify one.
2405 *
2406 * @uses $CFG
2407 * @uses $SESSION
2408 * @param object $user A {@link $USER} object to get full name of
2409 * @param bool $override If true then the name will be first name followed by last name rather than adhering to fullnamedisplay setting.
2410 */
2417 }
2422 }
2425 }
2426 }
2430 }
2443 }
2444 }
2447 }
2449 /**
2450 * Sets a moodle cookie with an encrypted string
2451 *
2452 * @uses $CFG
2453 * @uses DAYSECS
2454 * @uses HOURSECS
2455 * @param string $thing The string to encrypt and place in a cookie
2456 */
2462 }
2471 }
2473 /**
2474 * Gets a moodle cookie with an encrypted string
2475 *
2476 * @uses $CFG
2477 * @return string
2478 */
2489 }
2490 }
2492 /**
2493 * Returns whether a given authentication plugin exists.
2494 *
2495 * @uses $CFG
2496 * @param string $auth Form of authentication to check for. Defaults to the
2497 * global setting in {@link $CFG}.
2498 * @return boolean Whether the plugin is available.
2499 */
2505 }
2507 }
2509 /**
2510 * Checks if a given plugin is in the list of enabled authentication plugins.
2511 *
2512 * @param string $auth Authentication plugin.
2513 * @return boolean Whether the plugin is enabled.
2514 */
2518 }
2523 }
2525 /**
2526 * Returns an authentication plugin instance.
2527 *
2528 * @uses $CFG
2529 * @param string $auth name of authentication plugin
2530 * @return object An instance of the required authentication plugin.
2531 */
2535 // check the plugin exists first
2538 }
2540 // return auth plugin instance
2544 }
2546 /**
2547 * Returns array of active auth plugins.
2548 *
2549 * @param bool $fix fix $CFG->auth if needed
2550 * @return array
2551 */
2561 }
2568 }
2569 }
2573 }
2574 }
2577 }
2579 /**
2580 * Returns true if an internal authentication method is being used.
2581 * if method not specified then, global default is assumed
2582 *
2583 * @uses $CFG
2584 * @param string $auth Form of authentication required
2585 * @return bool
2586 */
2590 }
2592 /**
2593 * Returns an array of user fields
2594 *
2595 * @uses $CFG
2596 * @uses $db
2597 * @return array User field/column names
2598 */
2607 }
2609 /**
2610 * Creates the default "guest" user. Used both from
2611 * admin/index.php and login/index.php
2612 * @return mixed user object created or boolean false if the creation has failed
2613 */
2633 }
2636 }
2638 /**
2639 * Creates a bare-bones user record
2640 *
2641 * @uses $CFG
2642 * @param string $username New user's username to add to record
2643 * @param string $password New user's password to add to record
2644 * @param string $auth Form of authentication required
2645 * @return object A {@link $USER} object
2646 * @todo Outline auth types and provide code example
2647 */
2651 //just in case check text case
2660 }
2661 }
2666 }
2667 }
2672 // fix for MDL-8480
2673 // user CFG lang for user if $newuser->lang is empty
2674 // or $user->lang is not an installed language
2678 }
2688 }
2691 }
2693 }
2695 /**
2696 * Will update a local user record from an external source
2697 *
2698 * @uses $CFG
2699 * @param string $username New user's username to add to record
2700 * @return user A {@link $USER} object
2701 */
2716 }
2717 }
2718 }
2721 }
2724 /// will truncate userinfo as it comes from auth_get_userinfo (from external auth)
2725 /// which may have large fields
2727 // define the limits
2743 );
2745 // apply where needed
2749 }
2750 }
2753 }
2755 /**
2756 * Marks user deleted in internal user database and notifies the auth plugin.
2757 * Also unenrols user from all roles and does other cleanup.
2758 * @param object $user Userobject before delete (without system magic quotes)
2759 * @return boolean success
2760 */
2767 // delete all grades - backup is kept in grade_grades_history table
2771 }
2772 }
2774 // remove from all groups
2777 // unenrol from all roles in all contexts
2778 role_unassign(0, $user->id); // this might be slow but it is really needed - modules might do some extra cleanup!
2780 // now do a final accesslib cleanup - removes all role assingments in user context and context itself
2783 // mark internal user record as "deleted"
2794 // notify auth plugin - do not block the delete even when plugin fails
2802 }
2803 }
2805 /**
2806 * Retrieve the guest user object
2807 *
2808 * @uses $CFG
2809 * @return user A {@link $USER} object
2810 */
2814 if ($newuser = get_record('user', 'username', 'guest', 'mnethostid', $CFG->mnet_localhost_id)) {
2818 }
2821 }
2823 /**
2824 * Given a username and password, this function looks them
2825 * up using the currently selected authentication mechanism,
2826 * and if the authentication is successful, it returns a
2827 * valid $user object from the 'user' table.
2828 *
2829 * Uses auth_ functions from the currently active auth module
2830 *
2831 * @uses $CFG
2832 * @param string $username User's username (with system magic quotes)
2833 * @param string $password User's password (with system magic quotes)
2834 * @return user|flase A {@link $USER} object or false if error
2835 */
2846 error_log('[client '.$_SERVER['REMOTE_ADDR']."] $CFG->wwwroot Disabled Login: $username ".$_SERVER['HTTP_USER_AGENT']);
2848 }
2851 error_log('[client '.$_SERVER['REMOTE_ADDR']."] $CFG->wwwroot Deleted Login: $username ".$_SERVER['HTTP_USER_AGENT']);
2853 }
2860 }
2865 // on auth fail fall through to the next plugin
2868 }
2870 // successful authentication
2875 }
2877 update_internal_user_password($user, $password); // just in case salt or encoding were changed (magic quotes too one day)
2881 }
2883 // if user not found, create him
2885 }
2892 }
2894 /// Log in to a second system if necessary
2895 /// NOTICE: /sso/ will be moved to auth and deprecated soon; use user_authenticated_hook() instead
2901 }
2902 }
2903 }
2907 }
2909 // failed if all the plugins have failed
2911 error_log('[client '.$_SERVER['REMOTE_ADDR']."] $CFG->wwwroot Failed Login: $username ".$_SERVER['HTTP_USER_AGENT']);
2913 }
2915 /**
2916 * Compare password against hash stored in internal user table.
2917 * If necessary it also updates the stored hash to new format.
2918 *
2919 * @param object user
2920 * @param string plain text password
2921 * @return bool is password valid?
2922 */
2928 }
2932 // get password original encoding in case it was not updated to unicode yet
2936 if ($user->password == md5($password.$CFG->passwordsaltmain) or $user->password == md5($password)
2937 or $user->password == md5($convpassword.$CFG->passwordsaltmain) or $user->password == md5($convpassword)) {
2943 if ($user->password == md5($password.$CFG->$alt) or $user->password == md5($convpassword.$CFG->$alt)) {
2946 }
2947 }
2948 }
2949 }
2952 // force update of password hash using latest main password salt and encoding if needed
2954 }
2957 }
2959 /**
2960 * Calculate hashed value from password using current hash mechanism.
2961 *
2962 * @param string password
2963 * @return string password hash
2964 */
2972 }
2973 }
2975 /**
2976 * Update pssword hash in user object.
2977 *
2978 * @param object user
2979 * @param string plain text password
2980 * @param bool store changes also in db, default true
2981 * @return true if hash changed
2982 */
2991 }
2994 }
2996 /**
2997 * Get a complete user record, which includes all the info
2998 * in the user record
2999 * Intended for setting as $USER session variable
3000 *
3001 * @uses $CFG
3002 * @uses SITEID
3003 * @param string $field The user field to be checked for a given value.
3004 * @param string $value The value to match for $field.
3005 * @return user A {@link $USER} object.
3006 */
3013 }
3015 /// Build the WHERE clause for an SQL query
3020 // if null, we restrict to local users
3021 // ** testing for local user can be done with
3022 // mnethostid = $CFG->mnet_localhost_id
3023 // or with
3024 // auth != 'mnet'
3025 // but the first one is FAST with our indexes
3027 }
3031 /// Get all the basic user data
3035 }
3037 /// Get various settings and preferences
3042 }
3043 }
3050 }
3051 }
3057 // this is a special hack to speedup calendar display
3063 }
3065 }
3066 }
3068 /// Rewrite some variables if necessary
3071 }
3076 }
3082 }
3084 /**
3085 * @uses $CFG
3086 * @param string $password the password to be checked agains the password policy
3087 * @param string $errmsg the error message to display when the password doesn't comply with the policy.
3088 * @return bool true if the password is valid according to the policy. false otherwise.
3089 */
3095 }
3111 } else if (preg_match_all('/[^[:upper:][:lower:][:digit:]]/u', $password, $matches) < $CFG->minpasswordnonalphanum) {
3116 }
3122 }
3123 }
3126 /**
3127 * When logging in, this function is run to set certain preferences
3128 * for the current SESSION
3129 */
3137 // Restore the calendar filters, if saved
3141 }
3142 }
3145 /**
3146 * Delete a course, including all related data from the database,
3147 * and any associated files from the moodledata folder.
3148 *
3149 * @param int $courseid The id of the course to delete.
3150 * @param bool $showfeedback Whether to display notifications of each action the function performs.
3151 * @return bool true if all the removals succeeded. false if there were any failures. If this
3152 * method returns false, some of the removals will probably have succeeded, and others
3153 * failed, but you have no way of knowing which.
3154 */
3163 }
3165 }
3172 }
3174 }
3179 }
3181 }
3186 }
3188 }
3191 }
3193 /**
3194 * Clear a course out completely, deleting all content
3195 * but don't delete the course itself
3196 *
3197 * @uses $CFG
3198 * @param int $courseid The id of the course that is being deleted
3199 * @param bool $showfeedback Whether to display notifications of each action the function performs.
3200 * @return bool true if all the removals succeeded. false if there were any failures. If this
3201 * method returns false, some of the removals will probably have succeeded, and others
3202 * failed, but you have no way of knowing which.
3203 */
3213 }
3217 /// First delete every instance of every module
3232 /// Delete activity context questions and question categories
3235 }
3240 notify('Could not delete '. $modname .' instance '. $instance->id .' ('. format_string($instance->name) .')');
3242 }
3243 }
3244 }
3248 }
3252 }
3253 }
3256 }
3257 }
3260 }
3262 /// Give local code a chance to delete its references to this course.
3266 /// Delete course blocks
3275 }
3280 // Block instances are rarely created. Since the block instance is gone from the above delete
3281 // statement, calling delete_context() will generate a warning as get_context_instance could
3282 // no longer create the context as the block is already gone.
3285 }
3287 // fix for MDL-7164
3288 // Get the block object and call instance_delete()
3292 }
3296 }
3297 // Return value ignored, in core mods this does not do anything, but just in case
3298 // third party blocks might have stuff to clean up
3299 // we execute this anyway
3301 }
3304 }
3305 }
3307 /// Delete any groups, removing members and grouping/course links first.
3312 /// Delete all related records in other tables that may have a courseid
3313 /// This array stores the tables that need to be cleared, as
3314 /// table_name => column_name that contains the course id.
3323 );
3328 }
3331 }
3332 }
3335 /// Clean up metacourse stuff
3339 sync_metacourse($course->id); // have to do it here so the enrolments get nuked. sync_metacourses won't find it without the id.
3342 }
3346 remove_from_metacourse($parent->parent_course,$parent->child_course); // this will do the unenrolments as well.
3347 }
3350 }
3351 }
3352 }
3354 /// Delete questions and question categories
3357 /// Delete all roles and overiddes in the course context (but keep the course context)
3360 }
3363 }
3366 /**
3367 * This function will empty a course of USER data as much as
3368 /// possible. It will retain the activities and the structure
3369 /// of the course.
3370 *
3371 * @uses $USER
3372 * @uses $SESSION
3373 * @uses $CFG
3374 * @param object $data an object containing all the boolean settings and courseid
3375 * @param bool $showfeedback if false then do it all silently
3376 * @return bool
3377 * @todo Finish documenting this function
3378 */
3388 // Look in every instance of every module for data to delete
3399 }
3400 }
3401 }
3404 }
3406 // Delete other stuff
3417 }
3420 }
3422 /// Delete group members (but keep the groups)
3424 }
3429 }
3432 }
3433 }
3434 }
3439 }
3445 }
3448 }
3449 }
3455 }
3458 }
3459 }
3461 // deletes all role assignments, and local override,
3462 // these have no courseid in table and needs separate process
3465 // force accessinfo refresh for users visiting this context...
3469 }
3476 }
3480 }
3484 // the first char should be an unencoded letter. We'll take this as an action
3489 // check the half md5 of their email
3493 }
3494 // else maybe they've already changed it?
3495 }
3496 }
3498 // maybe more later?
3499 }
3500 }
3502 /// CORRESPONDENCE ////////////////////////////////////////////////
3504 /**
3505 * Send an email to a specified user
3506 *
3507 * @uses $CFG
3508 * @uses $FULLME
3509 * @uses SITEID
3510 * @param user $user A {@link $USER} object
3511 * @param user $from A {@link $USER} object
3512 * @param string $subject plain text subject line of the email
3513 * @param string $messagetext plain text version of the message
3514 * @param string $messagehtml complete html version of the message (optional)
3515 * @param string $attachment a file on the filesystem, relative to $CFG->dataroot
3516 * @param string $attachname the name of the file (extension indicates MIME)
3517 * @param bool $usetrueaddress determines whether $from email address should
3518 * be sent out. Will be overruled by user profile setting for maildisplay
3519 * @return bool|string Returns "true" if mail was sent OK, "emailstop" if email
3520 * was blocked by user and "false" if there was another sort of error.
3521 */
3522 function email_to_user($user, $from, $subject, $messagetext, $messagehtml='', $attachment='', $attachname='', $usetrueaddress=true, $replyto='', $replytoname='') {
3528 /// We are going to use textlib services here
3533 }
3535 // skip mail to suspended users
3538 }
3542 }
3547 }
3567 }
3574 }
3575 }
3580 // make up an email address for handling bounces
3586 }
3599 }
3600 }
3604 }
3616 }
3619 }
3620 }
3624 }
3626 if ($messagehtml && $user->mailformat == 1) { // Don't ever send HTML to users who don't want it
3634 }
3639 $mail->AddStringAttachment('Error in attachment. User attempted to attach a filename with a unsafe name.', 'error.txt', '8bit', 'text/plain');
3644 }
3645 }
3649 /// If we are running under Unicode and sitemailcharset or allowusermailcharset are set, convert the email
3650 /// encoding to the specified one
3652 /// Set it to site mail charset
3654 /// Overwrite it with the user mail charset
3658 }
3659 }
3660 /// If it has changed, convert all the necessary strings
3664 /// Save the new mail charset
3666 /// And convert some strings
3670 }
3674 }
3677 }
3678 }
3685 }
3692 }
3694 }
3695 }
3697 /**
3698 * Generate a signoff for emails based on support settings
3699 *
3700 */
3707 }
3710 }
3713 }
3715 }
3717 /**
3718 * Generate a fake user for emails based on support settings
3719 *
3720 */
3729 }
3738 }
3741 /**
3742 * Sets specified user's password and send the new password to the user via email.
3743 *
3744 * @uses $CFG
3745 * @param user $user A {@link $USER} object
3746 * @return boolean|string Returns "true" if mail was sent OK, "emailstop" if email
3747 * was blocked by user and "false" if there was another sort of error.
3748 */
3762 }
3778 }
3780 /**
3781 * Resets specified user's password and send the new password to the user via email.
3782 *
3783 * @uses $CFG
3784 * @param user $user A {@link $USER} object
3785 * @return bool|string Returns "true" if mail was sent OK, "emailstop" if email
3786 * was blocked by user and "false" if there was another sort of error.
3787 */
3797 trigger_error("Attempt to reset user password for user $user->username with Auth $user->auth.");
3799 }
3805 }
3821 }
3823 /**
3824 * Send email to specified user with confirmation text and activation link.
3825 *
3826 * @uses $CFG
3827 * @param user $user A {@link $USER} object
3828 * @return bool|string Returns "true" if mail was sent OK, "emailstop" if email
3829 * was blocked by user and "false" if there was another sort of error.
3830 */
3845 $data->link = $CFG->wwwroot .'/login/confirm.php?data='. $user->secret .'/'. urlencode($user->username);
3853 }
3855 /**
3856 * send_password_change_confirmation_email.
3857 *
3858 * @uses $CFG
3859 * @param user $user A {@link $USER} object
3860 * @return bool|string Returns "true" if mail was sent OK, "emailstop" if email
3861 * was blocked by user and "false" if there was another sort of error.
3862 */
3873 $data->link = $CFG->httpswwwroot .'/login/forgot_password.php?p='. $user->secret .'&s='. urlencode($user->username);
3881 }
3883 /**
3884 * send_password_change_info.
3885 *
3886 * @uses $CFG
3887 * @param user $user A {@link $USER} object
3888 * @return bool|string Returns "true" if mail was sent OK, "emailstop" if email
3889 * was blocked by user and "false" if there was another sort of error.
3890 */
3910 }
3913 // we have some external url for password changing
3917 //no way to change password, sorry
3919 }
3921 if (!empty($data->link) and has_capability('moodle/user:changeownpassword', $systemcontext, $user->id)) {
3927 }
3931 }
3933 /**
3934 * Check that an email is allowed. It returns an error message if there
3935 * was a problem.
3936 *
3937 * @uses $CFG
3938 * @param string $email Content of email
3939 * @return string|false
3940 */
3951 }
3954 }
3955 }
3964 }
3967 }
3968 }
3969 }
3972 }
3980 }
3982 }
3989 //$message = get_string("welcometocoursetext", "", $a);
3994 }
3996 }
3997 }
3999 /// FILE HANDLING /////////////////////////////////////////////
4002 /**
4003 * Makes an upload directory for a particular module.
4004 *
4005 * @uses $CFG
4006 * @param int $courseid The id of the course in question - maps to id field of 'course' table.
4007 * @return string|false Returns full path to directory if successful, false if not
4008 */
4014 }
4019 copy($CFG->dirroot .'/lang/'. $CFG->lang .'/docs/module_files.txt', $moddata .'/'. $strreadme .'.txt');
4022 }
4024 }
4026 /**
4027 * Returns current name of file on disk if it exists.
4028 *
4029 * @param string $newfile File to be verified
4030 * @return string Current name of file on disk if true
4031 */
4035 }
4040 }
4041 }
4043 /**
4044 * Returns the maximum size for uploading files.
4045 *
4046 * There are seven possible upload limits:
4047 * 1. in Apache using LimitRequestBody (no way of checking or changing this)
4048 * 2. in php.ini for 'upload_max_filesize' (can not be changed inside PHP)
4049 * 3. in .htaccess for 'upload_max_filesize' (can not be changed inside PHP)
4050 * 4. in php.ini for 'post_max_size' (can not be changed inside PHP)
4051 * 5. by the Moodle admin in $CFG->maxbytes
4052 * 6. by the teacher in the current course $course->maxbytes
4053 * 7. by the teacher for the current module, eg $assignment->maxbytes
4054 *
4055 * These last two are passed to this function as arguments (in bytes).
4056 * Anything defined as 0 is ignored.
4057 * The smallest of all the non-zero numbers is returned.
4058 *
4059 * @param int $sizebytes ?
4060 * @param int $coursebytes Current course $course->maxbytes (in bytes)
4061 * @param int $modulebytes Current module ->maxbytes (in bytes)
4062 * @return int The maximum size for uploading files.
4063 * @todo Finish documenting this function
4064 */
4069 }
4076 }
4077 }
4081 }
4085 }
4089 }
4092 }
4094 /**
4095 * Related to {@link get_max_upload_file_size()} - this function returns an
4096 * array of possible sizes in an array, translated to the
4097 * local language.
4098 *
4099 * @uses SORT_NUMERIC
4100 * @param int $sizebytes ?
4101 * @param int $coursebytes Current course $course->maxbytes (in bytes)
4102 * @param int $modulebytes Current module ->maxbytes (in bytes)
4103 * @return int
4104 * @todo Finish documenting this function
4105 */
4111 }
4118 // Allow maxbytes to be selected if it falls outside the above boundaries
4121 }
4126 }
4127 }
4132 }
4134 /**
4135 * If there has been an error uploading a file, print the appropriate error message
4136 * Numerical constants used as constant definitions not added until PHP version 4.2.0
4137 *
4138 * $filearray is a 1-dimensional sub-array of the $_FILES array
4139 * eg $filearray = $_FILES['userfile1']
4140 * If left empty then the first element of the $_FILES array will be used
4141 *
4142 * @uses $_FILES
4143 * @param array $filearray A 1-dimensional sub-array of the $_FILES array
4144 * @param bool $returnerror If true then a string error message will be returned. Otherwise the user will be notified of the error in a notify() call.
4145 * @return bool|string
4146 */
4155 }
4164 }
4185 }
4192 }
4194 }
4196 /**
4197 * handy function to loop through an array of files and resolve any filename conflicts
4198 * both in the array of filenames and for what is already on disk.
4199 * not really compatible with the similar function in uploadlib.php
4200 * but this could be used for files/index.php for moving files around.
4201 */
4212 }
4213 }
4214 }
4215 }
4217 }
4219 /**
4220 * @used by resolve_filename_collisions
4221 */
4225 }
4228 }
4230 }
4233 /**
4234 * Returns an array with all the filenames in
4235 * all subdirectories, relative to the given rootdir.
4236 * If excludefile is defined, then that file/directory is ignored
4237 * If getdirs is true, then (sub)directories are included in the output
4238 * If getfiles is true, then files are included in the output
4239 * (at least one of these must be true!)
4240 *
4241 * @param string $rootdir ?
4242 * @param string $excludefile If defined then the specified file/directory is ignored
4243 * @param bool $descend ?
4244 * @param bool $getdirs If true then (sub)directories are included in the output
4245 * @param bool $getfiles If true then files are included in the output
4246 * @return array An array with all the filenames in
4247 * all subdirectories, relative to the given rootdir
4248 * @todo Finish documenting this function. Add examples of $excludefile usage.
4249 */
4250 function get_directory_list($rootdir, $excludefiles='', $descend=true, $getdirs=false, $getfiles=true) {
4256 }
4260 }
4264 }
4268 }
4274 }
4279 }
4284 }
4285 }
4288 }
4289 }
4295 }
4298 /**
4299 * Adds up all the files in a directory and works out the size.
4300 *
4301 * @param string $rootdir ?
4302 * @param string $excludefile ?
4303 * @return array
4304 * @todo Finish documenting this function
4305 */
4310 // do it this way if we can, it's much faster
4318 }
4319 }
4323 }
4327 }
4335 }
4341 }
4342 }
4346 }
4348 /**
4349 * Converts bytes into display form
4350 *
4351 * @param string $size ?
4352 * @return string
4353 * @staticvar string $gb Localized string for size in gigabytes
4354 * @staticvar string $mb Localized string for size in megabytes
4355 * @staticvar string $kb Localized string for size in kilobytes
4356 * @staticvar string $b Localized string for size in bytes
4357 * @todo Finish documenting this function. Verify return type.
4358 */
4368 }
4378 }
4380 }
4382 /**
4383 * Cleans a given filename by removing suspicious or troublesome characters
4384 * Only these are allowed: alphanumeric _ - .
4385 * Unicode characters can be enabled by setting $CFG->unicodecleanfilename = true in config.php
4386 *
4387 * WARNING: unicode characters may not be compatible with zip compression in backup/restore,
4388 * because native zip binaries do weird character conversions. Use PHP zipping instead.
4389 *
4390 * @param string $string file name
4391 * @return string cleaned file name
4392 */
4400 //clean only ascii range
4401 $string = preg_replace("/[\\000-\\x2c\\x2f\\x3a-\\x40\\x5b-\\x5e\\x60\\x7b-\\177]/s", '_', $string);
4402 }
4406 }
4409 /// STRING TRANSLATION ////////////////////////////////////////
4411 /**
4412 * Returns the code for the current language
4413 *
4414 * @uses $CFG
4415 * @param $USER
4416 * @param $SESSION
4417 * @return string
4418 */
4422 if (!empty($COURSE->id) and $COURSE->id != SITEID and !empty($COURSE->lang)) { // Course language can override all other settings for this page
4433 }
4437 }
4440 }
4442 /**
4443 * Prints out a translated string.
4444 *
4445 * Prints out a translated string using the return value from the {@link get_string()} function.
4446 *
4447 * Example usage of this function when the string is in the moodle.php file:<br/>
4448 * <code>
4449 * echo '<strong>';
4450 * print_string('wordforstudent');
4451 * echo '</strong>';
4452 * </code>
4453 *
4454 * Example usage of this function when the string is not in the moodle.php file:<br/>
4455 * <code>
4456 * echo '<h1>';
4457 * print_string('typecourse', 'calendar');
4458 * echo '</h1>';
4459 * </code>
4460 *
4461 * @param string $identifier The key identifier for the localized string
4462 * @param string $module The module where the key identifier is stored. If none is specified then moodle.php is used.
4463 * @param mixed $a An object, string or number that can be used
4464 * within translation strings
4465 */
4468 }
4470 /**
4471 * fix up the optional data in get_string()/print_string() etc
4472 * ensure possible sprintf() format characters are escaped correctly
4473 * needs to handle arbitrary strings and objects
4474 * @param mixed $a An object, string or number that can be used
4475 * @return mixed the supplied parameter 'cleaned'
4476 */
4480 }
4486 }
4488 }
4491 }
4492 }
4494 /**
4495 * @return array places to look for lang strings based on the prefix to the
4496 * module name. For example qtype_ in question/type. Used by get_string and
4497 * help.php.
4498 */
4518 );
4519 }
4521 /**
4522 * Returns a localized string.
4523 *
4524 * Returns the translated string specified by $identifier as
4525 * for $module. Uses the same format files as STphp.
4526 * $a is an object, string or number that can be used
4527 * within translation strings
4528 *
4529 * eg "hello \$a->firstname \$a->lastname"
4530 * or "hello \$a"
4531 *
4532 * If you would like to directly echo the localized string use
4533 * the function {@link print_string()}
4534 *
4535 * Example usage of this function involves finding the string you would
4536 * like a local equivalent of and using its identifier and module information
4537 * to retrive it.<br/>
4538 * If you open moodle/lang/en/moodle.php and look near line 1031
4539 * you will find a string to prompt a user for their word for student
4540 * <code>
4541 * $string['wordforstudent'] = 'Your word for Student';
4542 * </code>
4543 * So if you want to display the string 'Your word for student'
4544 * in any language that supports it on your site
4545 * you just need to use the identifier 'wordforstudent'
4546 * <code>
4547 * $mystring = '<strong>'. get_string('wordforstudent') .'</strong>';
4548 or
4549 * </code>
4550 * If the string you want is in another file you'd take a slightly
4551 * different approach. Looking in moodle/lang/en/calendar.php you find
4552 * around line 75:
4553 * <code>
4554 * $string['typecourse'] = 'Course event';
4555 * </code>
4556 * If you want to display the string "Course event" in any language
4557 * supported you would use the identifier 'typecourse' and the module 'calendar'
4558 * (because it is in the file calendar.php):
4559 * <code>
4560 * $mystring = '<h1>'. get_string('typecourse', 'calendar') .'</h1>';
4561 * </code>
4562 *
4563 * As a last resort, should the identifier fail to map to a string
4564 * the returned string will be [[ $identifier ]]
4565 *
4566 * @uses $CFG
4567 * @param string $identifier The key identifier for the localized string
4568 * @param string $module The module where the key identifier is stored. If none is specified then moodle.php is used.
4569 * @param mixed $a An object, string or number that can be used
4570 * within translation strings
4571 * @param array $extralocations An array of strings with other locations to look for string files
4572 * @return string The localized string.
4573 */
4578 /// originally these special strings were stored in moodle.php now we are only in langconfig.php
4579 $langconfigstrs = array('alphabet', 'backupnameformat', 'decsep', 'firstdayofweek', 'listsep', 'locale',
4590 }
4596 }
4598 // if $a happens to have % in it, double it so sprintf() doesn't break
4601 }
4603 /// Define the two or three major locations of language strings for this module
4613 }
4614 }
4626 }
4628 /// Add extra places to look for strings for particular plugin types.
4641 }
4645 }
4646 }
4647 }
4649 /// First check all the normal locations for the string in the current language
4652 $locallangfile = $location.$lang.'_local'.'/'.$module.'.php'; //first, see if there's a local file
4657 }
4658 }
4659 //if local directory not found, or particular string does not exist in local direcotry
4665 }
4666 }
4667 }
4669 /// If the preferred language was English (utf8) we can abort now
4670 /// saving some checks beacuse it's the only "root" lang
4673 }
4675 /// Is a parent language defined? If so, try to find this string in a parent language file
4684 //first, see if there's a local file for parent
4690 }
4691 }
4693 //if local directory not found, or particular string does not exist in local direcotry
4699 }
4700 }
4701 }
4702 }
4703 }
4704 }
4706 /// Our only remaining option is to try English
4709 $locallangfile = $location.$defaultlang.'_local/'.$module.'.php'; //first, see if there's a local file
4714 }
4715 }
4717 //if local_en not found, or string not found in local_en
4724 }
4725 }
4726 }
4728 /// And, because under 1.6 en is defined as en_utf8 child, me must try
4729 /// if it hasn't been queried before.
4733 $locallangfile = $location.$defaultlang.'_local/'.$module.'.php'; //first, see if there's a local file
4738 }
4739 }
4741 //if local_en not found, or string not found in local_en
4748 }
4749 }
4750 }
4751 }
4754 }
4756 /**
4757 * This function is only used from {@link get_string()}.
4758 *
4759 * @internal Only used from get_string, not meant to be public API
4760 * @param string $identifier ?
4761 * @param string $langfile ?
4762 * @param string $destination ?
4763 * @return string|false ?
4764 * @staticvar array $strings Localized strings
4765 * @access private
4766 * @todo Finish documenting this function.
4767 */
4778 }
4782 }
4785 }
4787 /**
4788 * Converts an array of strings to their localized value.
4789 *
4790 * @param array $array An array of strings
4791 * @param string $module The language module that these strings can be found in.
4792 * @return string
4793 */
4799 }
4801 }
4803 /**
4804 * Returns a list of language codes and their full names
4805 * hides the _local files from everyone.
4806 * @param bool refreshcache force refreshing of lang cache
4807 * @param bool returnall ignore langlist, return all languages available
4808 * @return array An associative array with contents in the form of LanguageCode => LanguageName
4809 */
4818 if (!$refreshcache && !$returnall && !empty($CFG->langcache) && file_exists($CFG->dataroot .'/cache/languages')) {
4819 /// read available langs from cache
4826 }
4827 }
4830 }
4833 /// return only languages allowed in langlist admin setting
4836 // fix short lang names first - non existing langs are skipped anyway...
4840 }
4841 }
4842 // find existing langs from langlist
4847 }
4852 }
4853 /// Search under dirroot/lang
4858 }
4860 }
4861 /// And moodledata/lang
4866 }
4868 }
4869 }
4872 /// return all languages available in system
4873 /// Fetch langs from moodle/lang directory
4875 /// Fetch langs from moodledata/lang directory
4877 /// Merge both lists of langs
4879 /// Sort all
4881 /// Get some info from each lang (first from moodledata, then from moodle)
4885 }
4890 }
4891 /// Search under moodledata/lang
4896 }
4898 }
4899 /// And dirroot/lang
4904 }
4906 }
4907 }
4908 }
4912 // we have a list of all langs only, just delete old cache
4916 // store the list of allowed languages
4920 }
4922 }
4923 }
4924 }
4927 }
4929 /**
4930 * Returns a list of charset codes. It's hardcoded, so they should be added manually
4931 * (cheking that such charset is supported by the texlib library!)
4932 *
4933 * @return array And associative array with contents in the form of charset => charset
4934 */
4949 }
4951 /**
4952 * Returns a list of country names in the current language
4953 *
4954 * @uses $CFG
4955 * @uses $USER
4956 * @return array
4957 */
4971 }
4974 }
4975 }
4981 }
4985 }
4988 }
4990 /**
4991 * Returns a list of valid and compatible themes
4992 *
4993 * @uses $CFG
4994 * @return array
4995 */
5006 }
5011 }
5016 }
5018 }
5022 }
5025 /**
5026 * Returns a list of picture names in the current or specified language
5027 *
5028 * @uses $CFG
5029 * @return array
5030 */
5036 }
5051 } else if ($parentlang = get_string('parentlanguage') and $parentlang != '[[parentlanguage]]') {
5053 }
5058 }
5060 /**
5061 * Returns a list of timezones in the current language
5062 *
5063 * @uses $CFG
5064 * @return array
5065 */
5073 }
5077 if ($rawtimezones = get_records_sql('SELECT MAX(id), name FROM '.$CFG->prefix.'timezone GROUP BY name')) {
5083 }
5084 }
5085 }
5086 }
5098 }
5099 }
5102 }
5104 /**
5105 * Returns a list of currencies in the current language
5106 *
5107 * @uses $CFG
5108 * @uses $USER
5109 * @return array
5110 */
5122 }
5125 }
5126 }
5132 }
5136 }
5139 }
5143 /**
5144 * Can include a given document file (depends on second
5145 * parameter) or just return info about it.
5146 *
5147 * @uses $CFG
5148 * @param string $file ?
5149 * @param bool $include ?
5150 * @return ?
5151 * @todo Finish documenting this function
5152 */
5160 }
5172 }
5174 }
5175 }
5178 }
5180 /// ENCRYPTION ////////////////////////////////////////////////
5182 /**
5183 * rc4encrypt
5184 *
5185 * @param string $data ?
5186 * @return string
5187 * @todo Finish documenting this function
5188 */
5192 }
5194 /**
5195 * rc4decrypt
5196 *
5197 * @param string $data ?
5198 * @return string
5199 * @todo Finish documenting this function
5200 */
5204 }
5206 /**
5207 * Based on a class by Mukul Sabharwal [mukulsabharwal @ yahoo.com]
5208 *
5209 * @param string $pwd ?
5210 * @param string $data ?
5211 * @param string $case ?
5212 * @return string
5213 * @todo Finish documenting this function
5214 */
5219 }
5231 }
5240 }
5260 }
5266 }
5269 }
5272 /// CALENDAR MANAGEMENT ////////////////////////////////////////////////////////////////
5275 /**
5276 * Call this function to add an event to the calendar table
5277 * and to call any calendar plugins
5278 *
5279 * @uses $CFG
5280 * @param array $event An associative array representing an event from the calendar table. The event will be identified by the id field. The object event should include the following:
5281 * <ul>
5282 * <li><b>$event->name</b> - Name for the event
5283 * <li><b>$event->description</b> - Description of the event (defaults to '')
5284 * <li><b>$event->format</b> - Format for the description (using formatting types defined at the top of weblib.php)
5285 * <li><b>$event->courseid</b> - The id of the course this event belongs to (0 = all courses)
5286 * <li><b>$event->groupid</b> - The id of the group this event belongs to (0 = no group)
5287 * <li><b>$event->userid</b> - The id of the user this event belongs to (0 = no user)
5288 * <li><b>$event->modulename</b> - Name of the module that creates this event
5289 * <li><b>$event->instance</b> - Instance of the module that owns this event
5290 * <li><b>$event->eventtype</b> - The type info together with the module info could
5291 * be used by calendar plugins to decide how to display event
5292 * <li><b>$event->timestart</b>- Timestamp for start of event
5293 * <li><b>$event->timeduration</b> - Duration (defaults to zero)
5294 * <li><b>$event->visible</b> - 0 if the event should be hidden (e.g. because the activity that created it is hidden)
5295 * </ul>
5296 * @return int The id number of the resulting record
5297 */
5306 }
5314 }
5315 }
5316 }
5319 }
5321 /**
5322 * Call this function to update an event in the calendar table
5323 * the event will be identified by the id field of the $event object.
5324 *
5325 * @uses $CFG
5326 * @param array $event An associative array representing an event from the calendar table. The event will be identified by the id field.
5327 * @return bool
5328 */
5341 }
5342 }
5343 }
5345 }
5347 /**
5348 * Call this function to delete the event with id $id from calendar table.
5349 *
5350 * @uses $CFG
5351 * @param int $id The id of an event from the 'calendar' table.
5352 * @return array An associative array with the results from the SQL call.
5353 * @todo Verify return type
5354 */
5365 }
5366 }
5367 }
5369 }
5371 /**
5372 * Call this function to hide an event in the calendar table
5373 * the event will be identified by the id field of the $event object.
5374 *
5375 * @uses $CFG
5376 * @param array $event An associative array representing an event from the calendar table. The event will be identified by the id field.
5377 * @return array An associative array with the results from the SQL call.
5378 * @todo Verify return type
5379 */
5389 }
5390 }
5391 }
5393 }
5395 /**
5396 * Call this function to unhide an event in the calendar table
5397 * the event will be identified by the id field of the $event object.
5398 *
5399 * @uses $CFG
5400 * @param array $event An associative array representing an event from the calendar table. The event will be identified by the id field.
5401 * @return array An associative array with the results from the SQL call.
5402 * @todo Verify return type
5403 */
5413 }
5414 }
5415 }
5417 }
5420 /// ENVIRONMENT CHECKING ////////////////////////////////////////////////////////////
5422 /**
5423 * Lists plugin directories within some directory
5424 *
5425 * @uses $CFG
5426 * @param string $plugin dir under we'll look for plugins (defaults to 'mod')
5427 * @param string $exclude dir name to exclude from the list (defaults to none)
5428 * @param string $basedir full path to the base dir where $plugin resides (defaults to $CFG->dirroot)
5429 * @return array of plugins found under the requested parameters
5430 */
5439 # This switch allows us to use the appropiate theme directory - and potentialy alternatives for other plugins
5447 }
5451 }
5459 }
5462 }
5464 }
5466 }
5469 }
5471 }
5473 /**
5474 * Returns true if the current version of PHP is greater that the specified one.
5475 *
5476 * @param string $version The version of php being tested.
5477 * @return bool
5478 */
5481 }
5484 /**
5485 * Checks to see if is a browser matches the specified
5486 * brand and is equal or better version.
5487 *
5488 * @uses $_SERVER
5489 * @param string $brand The browser identifier being tested
5490 * @param int $version The version of the browser
5491 * @return bool true if the given version is below that of the detected browser
5492 */
5496 }
5507 }
5508 }
5517 }
5518 }
5525 // MacOS X Camino support
5527 }
5529 // the proper string - Gecko/CCYYMMDD Vendor/Version
5530 // Faster version and work-a-round No IDN problem.
5534 }
5535 }
5543 }
5547 }
5551 }
5554 }
5562 }
5563 }
5567 // Look for AppleWebKit, excluding strings with OmniWeb, Shiira and SimbianOS
5574 }
5579 }
5580 }
5584 }
5587 }
5589 /**
5590 * This function makes the return value of ini_get consistent if you are
5591 * setting server directives through the .htaccess file in apache.
5592 * Current behavior for value set from php.ini On = 1, Off = [blank]
5593 * Current behavior for value set from .htaccess On = On, Off = Off
5594 * Contributed by jdell @ unr.edu
5595 *
5596 * @param string $ini_get_arg ?
5597 * @return bool
5598 * @todo Finish documenting this function
5599 */
5605 }
5607 }
5609 /**
5610 * Compatibility stub to provide backward compatibility
5611 *
5612 * Determines if the HTML editor is enabled.
5613 * @deprecated Use {@link can_use_html_editor()} instead.
5614 */
5617 }
5619 /**
5620 * Determines if the HTML editor is enabled.
5621 *
5622 * This depends on site and user
5623 * settings, as well as the current browser being used.
5624 *
5625 * @return string|false Returns false if editor is not being used, otherwise
5626 * returns 'MSIE' or 'Gecko'.
5627 */
5636 }
5637 }
5639 }
5641 /**
5642 * Hack to find out the GD version by parsing phpinfo output
5643 *
5644 * @return int GD version (1, 2, or 0)
5645 */
5655 }
5670 }
5674 }
5676 }
5677 }
5678 }
5681 }
5683 /**
5684 * Determine if moodle installation requires update
5685 *
5686 * Checks version numbers of main code and all modules to see
5687 * if there are any mismatches
5688 *
5689 * @uses $CFG
5690 * @return bool
5691 */
5700 }
5708 }
5713 }
5714 }
5715 }
5716 }
5719 }
5721 }
5724 /// MISCELLANEOUS ////////////////////////////////////////////////////////////////////
5726 /**
5727 * Notify admin users or admin user of any failed logins (since last notification).
5728 *
5729 * @uses $CFG
5730 * @uses $db
5731 * @uses HOURSECS
5732 */
5743 }
5747 }
5749 // we need to deal with the threshold stuff first.
5752 }
5754 $notifyipsrs = $db->Execute('SELECT ip FROM '. $CFG->prefix .'log WHERE time > '. $CFG->lastnotifyfailure .'
5755 AND module=\'login\' AND action=\'error\' GROUP BY ip HAVING count(*) > '. $CFG->notifyloginthreshold);
5757 $notifyusersrs = $db->Execute('SELECT info FROM '. $CFG->prefix .'log WHERE time > '. $CFG->lastnotifyfailure .'
5758 AND module=\'login\' AND action=\'error\' GROUP BY info HAVING count(*) > '. $CFG->notifyloginthreshold);
5764 }
5767 }
5772 }
5775 }
5779 $logs = get_logs('time > '. $CFG->lastnotifyfailure .' AND module=\'login\' AND action=\'error\' '
5780 .((strlen($ipstr) > 0 && strlen($userstr) > 0) ? ' AND ( ip IN ('. $ipstr .') OR info IN ('. $userstr .') ) '
5781 : ((strlen($ipstr) != 0) ? ' AND ip IN ('. $ipstr .') ' : ' AND info IN ('. $userstr .') ')), 'l.time DESC', '', '', $count);
5783 // if we haven't run in the last hour and we have something useful to report and we are actually supposed to be reporting to somebody
5795 }
5800 }
5808 }
5812 }
5813 }
5814 }
5815 }
5817 /**
5818 * moodle_setlocale
5819 *
5820 * @uses $CFG
5821 * @param string $locale ?
5822 * @todo Finish documenting this function
5823 */
5832 /// Fetch the correct locale based on ostype
5837 }
5839 /// the priority is the same as in get_string() - parameter, config, course, session, user, global language
5846 }
5848 /// do nothing if locale already set up
5851 }
5853 /// Due to some strange BUG we cannot set the LC_TIME directly, so we fetch current values,
5854 /// set LC_ALL and then set values again. Just wondering why we cannot set LC_ALL only??? - stronk7
5855 /// Some day, numeric, monetary and other categories should be set too, I think. :-/
5857 /// Get current values
5863 }
5864 /// Set locale to all
5866 /// Set old values
5871 }
5872 if ($currentlocale == 'tr_TR' or $currentlocale == 'tr_TR.UTF-8') { // To workaround a well-known PHP problem with Turkish letter Ii
5874 }
5875 }
5877 /**
5878 * Converts string to lowercase using most compatible function available.
5879 *
5880 * @param string $string The string to convert to all lowercase characters.
5881 * @param string $encoding The encoding on the string.
5882 * @return string
5883 * @todo Add examples of calling this function with/without encoding types
5884 * @deprecated Use textlib->strtolower($text) instead.
5885 */
5888 //If not specified use utf8
5891 }
5892 //Use text services
5896 }
5898 /**
5899 * Count words in a string.
5900 *
5901 * Words are defined as things between whitespace.
5902 *
5903 * @param string $string The text to be searched for words.
5904 * @return int The count of words in the specified string
5905 */
5909 }
5911 /** Count letters in a string.
5912 *
5913 * Letters are defined as chars not in tags and different from whitespace.
5914 *
5915 * @param string $string The text to be searched for letters.
5916 * @return int The count of letters in the specified text.
5917 */
5919 /// Loading the textlib singleton instance. We are going to need it.
5926 }
5928 /**
5929 * Generate and return a random string of the specified length.
5930 *
5931 * @param int $length The length of the string to be created.
5932 * @return string
5933 */
5943 }
5945 }
5947 /*
5948 * Given some text (which may contain HTML) and an ideal length,
5949 * this function truncates the text neatly on a word boundary if possible
5950 */
5965 }
5986 }
5987 }
5989 }
5991 }
5995 }
5996 }
5997 }
6001 }
6006 }
6009 /**
6010 * Given dates in seconds, how many weeks is the date from startdate
6011 * The first week is 1, the second 2 etc ...
6012 *
6013 * @uses WEEKSECS
6014 * @param ? $startdate ?
6015 * @param ? $thedate ?
6016 * @return string
6017 * @todo Finish documenting this function
6018 */
6022 }
6025 }
6027 /**
6028 * returns a randomly generated password of length $maxlen. inspired by
6029 * {@link http://www.phpbuilder.com/columns/jesus19990502.php3}
6030 *
6031 * @param int $maxlength The maximum size of the password being generated.
6032 * @return string
6033 */
6046 }
6048 /**
6049 * Given a float, prints it nicely.
6050 * Localized floats must not be used in calculations!
6051 *
6052 * @param float $flaot The float to print
6053 * @param int $places The number of decimal places to print.
6054 * @param bool $localized use localized decimal separator
6055 * @return string locale float
6056 */
6060 }
6065 }
6066 }
6068 /**
6069 * Converts locale specific floating point/comma number back to standard PHP float value
6070 * Do NOT try to do any math operations before this conversion on any user submitted floats!
6071 *
6072 * @param string $locale_float locale aware float representation
6073 */
6079 }
6081 $locale_float = str_replace(' ', '', $locale_float); // no spaces - those might be used as thousand separators
6084 }
6086 /**
6087 * Given a simple array, this shuffles it up just like shuffle()
6088 * Unlike PHP's shuffle() this function works on any machine.
6089 *
6090 * @param array $array The array to be rearranged
6091 * @return array
6092 */
6102 }
6104 }
6106 /**
6107 * Like {@link swapshuffle()}, but works on associative arrays
6108 *
6109 * @param array $array The associative array to be rearranged
6110 * @return array
6111 */
6113 ///
6118 }
6120 }
6122 /**
6123 * Given an arbitrary array, and a number of draws,
6124 * this function returns an array with that amount
6125 * of items. The indexes are retained.
6126 *
6127 * @param array $array ?
6128 * @param ? $draws ?
6129 * @return ?
6130 * @todo Finish documenting this function
6131 */
6141 }
6153 }
6156 }
6158 /**
6159 * microtime_diff
6160 *
6161 * @param string $a ?
6162 * @param string $b ?
6163 * @return string
6164 * @todo Finish documenting this function
6165 */
6170 }
6172 /**
6173 * Given a list (eg a,b,c,d,e) this function returns
6174 * an array of 1->a, 2->b, 3->c etc
6175 *
6176 * @param array $list ?
6177 * @param string $separator ?
6178 * @todo Finish documenting this function
6179 */
6185 }
6187 }
6189 /**
6190 * Creates an array that represents all the current grades that
6191 * can be chosen using the given grading type. Negative numbers
6192 * are scales, zero is no grade, and positive numbers are maximum
6193 * grades.
6194 *
6195 * @param int $gradingtype ?
6196 * return int
6197 * @todo Finish documenting this function
6198 */
6204 }
6208 }
6210 }
6212 }
6214 /**
6215 * This function returns the nummber of activities
6216 * using scaleid in a courseid
6217 *
6218 * @param int $courseid ?
6219 * @param int $scaleid ?
6220 * @return int
6221 * @todo Finish documenting this function
6222 */
6232 //Check cm->name/lib.php exists
6239 }
6240 }
6241 }
6242 }
6243 }
6245 // check if any course grade item makes use of the scale
6247 }
6249 }
6251 /**
6252 * This function returns the nummber of activities
6253 * using scaleid in the entire site
6254 *
6255 * @param int $scaleid ?
6256 * @return int
6257 * @todo Finish documenting this function. Is return type correct?
6258 */
6267 }
6273 }
6274 }
6275 }
6277 }
6279 /**
6280 * make_unique_id_code
6281 *
6282 * @param string $extra ?
6283 * @return string
6284 * @todo Finish documenting this function
6285 */
6297 }
6307 }
6308 }
6311 /**
6312 * Function to check the passed address is within the passed subnet
6313 *
6314 * The parameter is a comma separated string of subnet definitions.
6315 * Subnet strings can be in one of three formats:
6316 * 1: xxx.xxx.xxx.xxx/xx
6317 * 2: xxx.xxx
6318 * 3: xxx.xxx.xxx.xxx-xxx //a range of IP addresses in the last group.
6319 * Code for type 1 modified from user posted comments by mediator at
6320 * {@link http://au.php.net/manual/en/function.ip2long.php}
6321 *
6322 * @param string $addr The address you are checking
6323 * @param string $subnetstr The string of subnet addresses
6324 * @return bool
6325 */
6346 }
6349 }
6353 }
6354 }
6356 }
6358 /**
6359 * This function sets the $HTTPSPAGEREQUIRED global
6360 * (used in some parts of moodle to change some links)
6361 * and calculate the proper wwwroot to be used
6362 *
6363 * By using this function properly, we can ensure 100% https-ized pages
6364 * at our entire discretion (login, forgot_password, change_password)
6365 */
6375 // change theme URLs to https
6381 }
6382 }
6384 /**
6385 * For outputting debugging info
6386 *
6387 * @uses STDOUT
6388 * @param string $string ?
6389 * @param string $eol ?
6390 * @todo Finish documenting this function
6391 */
6398 }
6402 //delay to keep message on user's screen in case of subsequent redirect
6405 }
6406 }
6408 //Replace 1 or more slashes or backslashes to 1 slash
6411 }
6414 //Zip an array of files/dirs to a destination zip file
6415 //Both parameters must be FULL paths to the files/dirs
6419 //Extract everything from destination
6425 //If no file, error
6428 }
6430 //If no extension, add it
6434 }
6436 //Check destination path exists
6439 }
6441 //Check destination path is writable. TODO!!
6443 //Clean destination filename
6446 //Now check and prepare every file
6451 //Check for every file
6453 //Calculate the base path for all files if it isn't set
6456 }
6457 //See if the file is readable
6460 }
6461 //See if the file/dir is in the same directory than the rest
6464 }
6465 //Add the file to the array
6467 }
6469 //Everything is ready:
6470 // -$origpath is the path where ALL the files to be compressed reside (dir).
6471 // -$destpath is the destination path where the zip file will go (dir).
6472 // -$files is an array of files/dirs to compress (fullpath)
6473 // -$destfilename is the name of the zip file (without path)
6475 //print_object($files); //Debug
6480 //rewrite filenames because the old method with PCLZIP_OPT_REMOVE_PATH does not work under win32
6488 }
6489 //create the archive
6494 }
6502 }
6503 //Construct the command
6508 //All converted to backslashes in WIN
6511 }
6513 }
6515 }
6518 //Unzip one zip file to a destination dir
6519 //Both parameters must be FULL paths
6520 //If destination isn't specified, it will be the
6521 //SAME directory where the zip file resides.
6525 //Extract everything from zipfile
6531 //If no file, error
6534 }
6536 //If no extension, error
6539 }
6541 //Clear $zipfile
6544 //Check zipfile exists
6547 }
6549 //If no destination, passed let's go with the same directory
6552 }
6554 //Clear $destination
6557 //Check destination path exists
6560 }
6562 //Check destination path is writable. TODO!!
6564 //Everything is ready:
6565 // -$zippath is the path where the zip file resides (dir)
6566 // -$zipfilename is the name of the zip file (without path)
6567 // -$destpath is the destination path where the zip file will uncompressed (dir)
6580 }
6591 //All converted to backslashes in WIN
6594 }
6596 }
6598 //Display some info about the unzip execution
6601 }
6604 }
6607 //This function is used as callback in unzip_file() function
6608 //to clean illegal characters for given platform and to prevent directory traversal.
6609 //Produces the same result as info-zip unzip.
6610 $p_header['filename'] = ereg_replace('[[:cntrl:]]', '', $p_header['filename']); //strip control chars first!
6611 $p_header['filename'] = ereg_replace('\.\.+', '', $p_header['filename']); //directory traversal protection
6613 $p_header['filename'] = ereg_replace('[:*"?<>|]', '_', $p_header['filename']); //replace illegal chars
6614 $p_header['filename'] = ereg_replace('^([a-zA-Z])_', '\1:', $p_header['filename']); //repair drive letter
6616 //Add filtering for other systems here
6617 // BSD: none (tested)
6618 // Linux: ??
6619 // MacosX: ??
6620 }
6621 $p_header['filename'] = cleardoubleslashes($p_header['filename']); //normalize the slashes/backslashes
6623 }
6626 //This function shows the results of the unzip execution
6627 //depending of the value of the $CFG->zip, results will be
6628 //text or an array of files.
6650 }
6655 }
6663 }
6666 }
6667 }
6669 /**
6670 * Returns most reliable client address
6671 *
6672 * @return string The remote IP address
6673 */
6677 }
6680 }
6683 }
6685 }
6687 /**
6688 * Cleans a remote address ready to put into the log table
6689 */
6693 // first get all things that look like IP addresses.
6696 }
6700 // print_r($match);
6701 // check to make sure it's not an internal address.
6702 // the following are reserved for private lans...
6703 // 10.0.0.0 - 10.255.255.255
6704 // 172.16.0.0 - 172.31.255.255
6705 // 192.168.0.0 - 192.168.255.255
6706 // 169.254.0.0 -169.254.255.255
6709 // weird, preg match shouldn't give us it.
6711 }
6718 }
6719 // finally, it's ok
6721 }
6723 // perhaps we have a lan match, it's probably better to return that.
6728 }
6729 }
6732 }
6733 error_log("NOTICE: cleanremoteaddr gives us something funny: $originaladdr had ".count($goodmatches)." matches");
6734 // we need to return something, so
6736 }
6738 /**
6739 * file_put_contents is only supported by php 5.0 and higher
6740 * so if it is not predefined, define it here
6741 *
6742 * @param $file full path of the file to write
6743 * @param $contents contents to be sent
6744 * @return number of bytes written (false on error)
6745 */
6752 }
6754 }
6755 }
6757 /**
6758 * The clone keyword is only supported from PHP 5 onwards.
6759 * The behaviour of $obj2 = $obj1 differs fundamentally
6760 * between PHP 4 and PHP 5. In PHP 4 a copy of $obj1 was
6761 * created, in PHP 5 $obj1 is referenced. To create a copy
6762 * in PHP 5 the clone keyword was introduced. This function
6763 * simulates this behaviour for PHP < 5.0.0.
6764 * See also: http://mjtsai.com/blog/2004/07/15/php-5-object-references/
6765 *
6766 * Modified 2005-09-29 by Eloy (from Julian Sedding proposal)
6767 * Found a better implementation (more checks and possibilities) from PEAR:
6768 * http://cvs.php.net/co.php/pear/PHP_Compat/Compat/Function/clone.php
6769 *
6770 * @param object $obj
6771 * @return object
6772 */
6774 // the eval is needed to prevent PHP 5 from getting a parse error!
6777 /// Sanity check
6780 return;
6781 }
6783 /// Use serialize/unserialize trick to deep copy the object
6786 /// If there is a __clone method call it on the "new" class
6789 }
6792 }
6794 // Supply the PHP5 function scandir() to older versions.
6800 }
6802 }
6804 }
6806 // Supply the PHP5 function array_combine() to older versions.
6809 return false;
6810 }
6816 }
6818 }
6820 }
6822 /**
6823 * This function will make a complete copy of anything it's given,
6824 * regardless of whether it's an object or not.
6825 * @param mixed $thing
6826 * @return mixed
6827 */
6830 }
6833 /*
6834 * This function expects to called during shutdown
6835 * should be set via register_shutdown_function()
6836 * in lib/setup.php .
6837 *
6838 * Right now we do it only if we are under apache, to
6839 * make sure apache children that hog too much mem are
6840 * killed.
6841 *
6842 */
6847 // initially, we are only ever called under apache
6848 // but check just in case
6854 }
6857 @apache_child_terminate();
6858 }
6859 }
6864 }
6877 }
6878 }
6882 }
6883 }
6884 }
6885 }
6887 /**
6888 * If new messages are waiting for the current user, then return
6889 * Javascript code to create a popup window
6890 *
6891 * @return string Javascript code
6892 */
6902 }
6905 if (count_records_select('message', 'useridto = \''.$USER->id.'\' AND timecreated > \''.$USER->message_lastpopup.'\'')) {
6907 return '<script type="text/javascript">'."\n//<![CDATA[\n openpopup('/message/index.php', 'message',
6908 'menubar=0,location=0,scrollbars,status,resizable,width=400,height=500', 0);\n//]]>\n</script>";
6909 }
6910 }
6911 }
6912 }
6913 }
6916 }
6918 // Used to make sure that $min <= $value <= $max
6922 }
6925 }
6927 }
6933 }
6934 }
6936 }
6938 /**
6939 *** get_performance_info() pairs up with init_performance_info()
6940 *** loaded in setup.php. Returns an array with 'html' and 'txt'
6941 *** values ready for use, and each of the individual stats provided
6942 *** separately as well.
6943 ***
6944 **/
6960 $info['html'] .= '<span class="memoryused">RAM: '.display_size($info['memory_total']).'</span> ';
6961 $info['txt'] .= 'memory_total: '.$info['memory_total'].'B (' . display_size($info['memory_total']).') memory_growth: '.$info['memory_growth'].'B ('.display_size($info['memory_growth']).') ';
6962 }
6965 //error_log(print_r($inc,1));
6974 }
6980 }
6984 $info['html'] .= '<span class="profilinginfo">'.Profiler::get_profiling(array('-R')).'</span>';
6985 }
6992 }
6993 $info['html'] .= "<span class=\"posixtimes\">ticks: $info[ticks] user: $info[utime] sys: $info[stime] cuser: $info[cutime] csys: $info[cstime]</span> ";
6994 $info['txt'] .= "ticks: $info[ticks] user: $info[utime] sys: $info[stime] cuser: $info[cutime] csys: $info[cstime] ";
6995 }
6996 }
6998 // Grab the load average for the last minute
6999 // /proc will only work under some linux configurations
7000 // while uptime is there under MacOSX/Darwin and other unices
7004 } else if ( function_exists('is_executable') && is_executable('/usr/bin/uptime') && $loadavg = `/usr/bin/uptime` ) {
7009 }
7010 }
7015 }
7024 }
7027 }
7031 }
7034 // if content_only=true then delete all but
7035 // the directory itself
7044 }
7045 }
7046 }
7050 }
7052 }
7054 /**
7055 * Function to check if a directory exists and optionally create it.
7056 *
7057 * @param string absolute directory path
7058 * @param boolean create directory if does not exist
7059 * @param boolean create directory recursively
7060 *
7061 * @return boolean true if directory exists or created
7062 */
7075 // PHP 5.0 has recursive mkdir parameter, but 4.x does not :-(
7082 }
7088 }
7089 }
7090 }
7093 }
7094 }
7095 }
7097 }
7104 }
7105 // Set up default theme and locale
7109 //clear session cookies
7111 setcookie('MoodleSessionTest'.$CFG->sessioncookie, '', time() - 3600, $CFG->sessioncookiepath);
7112 //increment database error counters
7117 }
7119 }
7122 /**
7123 * Detect if an object or a class contains a given property
7124 * will take an actual object or the name of a class
7125 * @param mix $obj Name of class or real object to test
7126 * @param string $property name of property to find
7127 * @return bool true if property exists
7128 */
7132 }
7135 }
7137 }
7140 /**
7141 * Detect a custom script replacement in the data directory that will
7142 * replace an existing moodle script
7143 * @param string $urlpath path to the original script
7144 * @return string full path name if a custom script exists
7145 * @return bool false if no custom script exists
7146 */
7150 // set default $urlpath, if necessary
7153 }
7155 // $urlpath is invalid if it is empty or does not start with the Moodle wwwroot
7158 }
7160 // replace wwwroot with the path to the customscripts folder and clean path
7161 $scriptpath = $CFG->customscripts . clean_param(substr($urlpath, strlen($CFG->wwwroot)), PARAM_PATH);
7163 // remove the query string, if any
7166 }
7168 // remove trailing slashes, if any
7171 // append index.php, if necessary
7174 }
7176 // check the custom script exists
7181 }
7182 }
7184 /**
7185 * Wrapper function to load necessary editor scripts
7186 * to $CFG->editorsrc array. Params can be coursei id
7187 * or associative array('courseid' => value, 'name' => 'editorname').
7188 * @uses $CFG
7189 * @param mixed $args Courseid or associative array.
7190 */
7195 }
7197 /**
7198 * Returns whether or not the user object is a remote MNET user. This function
7199 * is in moodlelib because it does not rely on loading any of the MNET code.
7200 *
7201 * @param object $user A valid user object
7202 * @return bool True if the user is from a remote Moodle.
7203 */
7212 }
7215 }
7217 /**
7218 * Checks if a given plugin is in the list of enabled enrolment plugins.
7219 *
7220 * @param string $auth Enrolment plugin.
7221 * @return boolean Whether the plugin is enabled.
7222 */
7226 // use the global default if not specified
7229 }
7231 }
7233 /**
7234 * This function will search for browser prefereed languages, setting Moodle
7235 * to use the best one available if $SESSION->lang is undefined
7236 */
7242 // Lang is defined in session or user profile, nothing to do
7244 }
7246 if (!isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { // There isn't list of browser langs, nothing to do
7248 }
7250 /// Extract and clean langs from headers
7265 }
7266 }
7271 /// Look for such langs under standard locations
7273 $lang = strtolower(clean_param($lang.'_utf8', PARAM_SAFEDIR)); // clean it properly for include
7276 }
7277 if (file_exists($CFG->dataroot .'/lang/'. $lang) or file_exists($CFG->dirroot .'/lang/'. $lang)) {
7280 }
7281 }
7283 }
7286 ////////////////////////////////////////////////////////////////////////////////
7293 }
7294 }
7296 /**
7297 * Checks whether the given variable name is defined as a variable within the given object.
7298 * @note This will NOT work with stdClass objects, which have no class variables.
7299 * @param string $var The variable name
7300 * @param object $object The object to check
7301 * @return boolean
7302 */
7307 }
7309 /**
7310 * Returns an array without repeated objects.
7311 * This function is similar to array_unique, but for arrays that have objects as values
7312 *
7313 * @param unknown_type $array
7314 * @param unknown_type $keep_key_assoc
7315 * @return unknown
7316 */
7322 // convert objects to arrays, in_array() does not support objects
7325 }
7331 }
7332 }
7336 }
7339 }
7341 // vim:autoindent:expandtab:shiftwidth=4:tabstop=4:tw=140:
7342 ?>